file_multi_policy_injection_bypass_2.html (616B)
1 <html> 2 <!-- 3 https://bugzilla.mozilla.org/show_bug.cgi?id=717511 4 --> 5 <body> 6 <!-- these should be stopped by CSP after fixing bug 717511. :) --> 7 <img src="http://example.org/tests/dom/security/test/csp/file_CSP.sjs?testid=img2_bad&type=img/png"> </img> 8 <script src='http://example.org/tests/dom/security/test/csp/file_CSP.sjs?testid=script2_bad&type=text/javascript'></script> 9 10 <!-- these should load ok after fixing bug 717511. :) --> 11 <img src="file_CSP.sjs?testid=img2_good&type=img/png" /> 12 <script src='file_CSP.sjs?testid=script2_good&type=text/javascript'></script> 13 14 </body> 15 </html>